SSL setup creates race condition

[colthreepv]

I'm trying to make a playbook installing postgres with some specific SSL certificates.

I should copy them with owner/group set as postgres/postgres (inside PGDATA), but the user gets created after the role is executed.
Moreover, also PGDATA dir (that on my distro is on /var/lib/postgresql/9.4/) gets created after role is executed, so I cannot copy the files in that directory.

This makes the role fail when it tries to start/restart

Easy workaround would be insert a copy task before postgresql-start, but how to deal with this race condition without editing this role?

[soupdiver]

Could you include the role in your playbook and then just add the tasks you need to enable SSL and restart Postgres?
So the role should be applied and everything should be created. You can then add your individual configuration

[farridav]

Ive had similar issues with nginx, i tend to use pre_tasks in my plays, and create the folder/copy the certs there.. the only other alternative is to have the role copy them in, but that would require paths that are either relative to the role or absolute..

[colthreepv]

Okey I appreciate at least that I'm not alone!

I will try and refactor my playbook creating the PGDATA dir myself and putting certificates there, so everything should be setup in a single run.
I'll report my findings there.

[farridav]

@MrGamer Have you managed to resolve your issue? can this issue be closed?

[colthreepv]

I haven't tested extensively proposed solutions since I have only a limited number of postgres setups to do.
Anyway you're free to close if you wish

[farridav]

Ok closing this. If we come up with a solution for handling this, or if it becomes a greater issue that you feel needs addressing, please feel free to raise it again